Synopsis:In Information Security field, in order to defend against an adversary it is necessary to understand their tactics. The Information Security community draws quotes and inspiration from many tomes such as the Sun Tzu’s The Art of War. Any great book proves scalable as we can apply its lessons to anything we do in life, including Information Security. Learning from many sources and applying this knowledge to everything we do is key in maintaining a persistent defense to mitigate our adversary’s persistent attacks.

This presentation will focus on the lessons from C.S. Lewis’ novel “The Screwtape Letters”. The novel gives us behind the scene access to an intricate attack, which definitely meets the criteria of an advanced persistent threat. This presentation will discuss attack methods and provide a technical demonstration to show attendees how malicious actors perform reconnaissance, attack, entrenchment, and abuse of victims. The presentation will include a live demonstration on network exploitation techniques.

SpeakerBio:

Marcus currently works as a Security Researcher in the Metasploit engineering team at Rapid7. He has over 18 years of experience in Information Assurance experience working in the DoD as well as Federal and State Government organizations. His experience includes working at NSA, DIA, and DARPA. Marcus spends his time at Rapid7 researching emerging Information Security threats, developing new proof-of-concepts, and occasionally coding awesome Ruby code for Metasploit Framework.